2020-November-25 12:00
2020-August-28  18:57

Iranians to Enjoy Cyber Insurance against Data Theft

TEHRAN (FNA)- Iranian insurance sector will offer cyber theft protection services for the first time amid growing online activities during the coronavirus spread and the higher risk of exposure to data theft for businesses and individuals.

Chairman of Iran Insurance Company Gholamreza Soleimani said on Thursday that cyber insurance will be available in the country by the yearend (late March 2021).

“This cyber insurance is being implemented in our country and its by-laws are being compiled,” Soleimani was quoted as saying by IRIB News.

The official said that firms will be insured against cyber-attacks and hacks that could harm their data systems.

The service is going to be launched amid efforts in Iran’s insurance sector, the largest in West Asia, to diversify products and implement programs that would hamper losses during the virus spread.

It also comes as the application of data services in Iran has highly grown since the start of the coronavirus outbreak in late February.

Experts are of the opinion that the increased use of online services in Iran would create thousands of small and medium sized companies that are weak and susceptible to hacks and attacks in terms of technology.

However, Iranian insurance companies have significantly increased digital services during the virus outbreak as selling some mandatory policies have been restricted to websites to minimize contacts between brokers and buyers.

Iran is believed to be the first nation to have come under a cyberattack.

In May 2019, Iranian Minister of Information and Communications Technology Mohammad Javad Azari Jahromi revealed that Tehran has developed an indigenous firewall securing its sensitive industrial facilities against Stuxnet, a cyber-weapon widely believed to be made by the US and Israel and used in the past to target the Islamic Republic’s nuclear energy program.

Jahromi announced the development of the indigenous firewall on his Instagram page.

The firewall, he said, has been designed and developed by young Iranian scientists, and successfully tested on industrial automation systems.

The firewall “practically neutralizes industrial [acts of] sabotage, such as (those potentially launched by) Stuxnet, in electrical grids and suchlike,” he wrote, adding, “By relying on (our) youths, we will turn threats into opportunities.”

The minister noted that he will release further information on the achievement on the World Telecommunication and Information Society Day, which falls on May 17.

The cybersecurity project launched by the ICT Ministry was codenamed Digital Fortress (Dejfa in Persian) to shield the country from increasing cyber threats targeting Iran’s infrastructure and online businesses.

The 4 systems of cyber-security launched by the Iranian Ministry of Information and Communications Technology (ICT) in May, 2019 detected 29 million cyberattacks against the country, including 19 million attacks conducted from 24 countries, in only the first 4 months of its operations.

A report published in September 2019 detailed the performance of 4 systems working under Dejfa since the cybersecurity project was launched in May.

“Dejfa Teleware System” has identified 19 million cyberattacks against Iran from 24 countries. 10 million attacks were launched from inside Iran.

“Kavoshgar System” has analyzed 3,000 suspicious files and evaluated 140 applications. The system issued warning on 322 cases, and contacted vulnerable sections on 2,550 other cases.

“Dana System” with a nationwide coverage of the country’s IP addresses, has identified 20,000 vulnerable facilities inside the country.

“Detection and Countering System” has identified 39 million cyberattacks, suspicious or illegal activities. The system has also identified 18,000 malwares.

According to Deputy ICT Minsiter Hamid Fattahi, Dejfa has improved monitoring and detection of cyber-threats by 200 percent.

Late in June, ICT Minister Mohammad Javad Azari Jahromi said in a tweet that US cyber-attacks against Iranian missile control systems had failed to cause any disruptions.

"The media ask whether the alleged cyber-attacks against Iran did take place," Azari Jahromi said in a tweet on June 24.

"They try hard, but they have yet to carry out a successful attack," he added.

The attacks came shortly after the Islamic Revolution Guards Corps (IRGC) shot down a US Navy RQ-4A global Hawk drone that had entered Iranian airspace in the Persian Gulf region to gather intelligence, using Khordad 3 indigenous surface-to-air missile system.

"We have been facing cyber-terrorism for a long time...Last year we neutralized 33 million attacks with the (national) firewall," Jahromi noted.

The Washington Post reported in June 2012 that the US National Security Agency (NSA), its spy service CIA, and Israel’s military had worked together to launch Stuxnet against Iran’s nuclear facilities.

In late 2015, Iran's then Foreign Ministry Spokesman Hossein Jaberi-Ansari called the attacks that came in 2011 “illegal,” saying Tehran had never responded with “reciprocal cyber-attacks.”

In November 2016, Iran’s top nuclear official said the cyber-attack had worked against the US and Israel’s intended objectives and instead helped improve the Islamic Republic’s readiness against such acts of sabotage.

The deployment of the malware against Iran’s nuclear facilities had made the country realize how it had to prepare against such attempts, the head of the Atomic Energy Organization of Iran (AEOI), Ali Akbar Salehi, said at the time.

Back in November, Iranian officials announced that a wave of Israeli cyber-attacks on the country's communications infrastructure was successfully thwarted, reassuring that Iran will bring the case before international entities.

CEO of Iran’s Telecommunications Company Hamid Fatahi was first to break the news who posted a message on his Twitter account on November 05 reporting an attempt by “an occupying regime” to launch “sporadic” cyber assaults against the Islamic Republic’s communications infrastructure, in reference to the regime in Tel Aviv.

All the attacks, he added, “were firmly foiled.”

Shortly afterwards, Iranian Minister of Information and Communications Technology Mohammad-Javad Azari Jahromi re-posted Fatahi’s tweet and said, “The regime – with a notorious background in using cyber weapons in cases such as Stuxnet – was this time attempting to harm Iran’s communications infrastructure.”

Two days earlier, Iranian legislators prepared a bill which requires the country's Armed Forces to develop plans, means and infrastructure for confronting possible US cyber-attacks.

Operation Olympic Games was a covert and still unacknowledged campaign of sabotage by means of cyber disruption, directed at Iranian nuclear facilities by the United States and likely Israel. As reported, it is one of the first known uses of offensive cyber weapons. Started under the administration of George W. Bush in 2006, Olympic Games was accelerated under President Obama, who heeded Bush's advice to continue cyber attacks on the Iranian nuclear facility at Natanz.

In relevant remarks in October 2019, Head of Iran's Civil Defense Organization Brigadier General Gholamreza Jalali said that former US President Barack Obama was the first-ever president who ordered and acknowledged the responsibility for the cyber attacks against Iran's nuclear infrastructures.

Jalali told FNA that the former commander of the US cyber war proposed Obama to launch cyber attacks against Iran's nuclear facilities, adding that Obama welcomed the idea and "for the first time a president admitted the responsibility for a cyber attack against another country and then they attacked us".

He, meantime, said that when the Americans studied the costs and benefits of the attacks after one year, they realized that the damage of the attack for themselves were more than what they had gained and therefore, they dismissed the commander.

In October 2014, General Jalali revealed that a US cyberattack on Iran's nuclear enrichment facility in Natanz failed due to his organization's tough defensive measures.

"The first cyberattack, codenamed Olympic Games, was carried out on Natanz and was declared by the US President, but it met our heavy (defensive) response," Jalali told reporters in a press conference in Tehran.

The senior commander said the US changed its cyber commander following the failure in the cyberattack on Natanz, adding that the US general was forced to retire several months ago "due to the wrong information and data that he had presented to President Obama".

And this was the result of our direct confrontation with them, General Jalali added.

The US was the principal player in the most sophisticated cyber-attack ever known and has been orchestrating a campaign against Iran designed to undermine the country's nuclear program.

The New York Times came up with an in-depth report on June 1, 2012 saying that from the very first month Barack Obama took over as US President, he secretly ordered increasingly sophisticated attacks on Iran's computer systems that run the country's main nuclear enrichment facilities.

The disclosures about Obama's role in the cyberwar against Iran appear to show beyond doubt that the US, with the help of Israel, was behind the Stuxnet virus attack on Iran's centrifuge machines – used to enrich uranium. The revelation then indicated that Washington and Tel Aviv were also behind the Flamer and Duqu virus attacks discovered by experts in May 2012.

Codenamed Olympic Games, the attacks were spearheaded by the US government under the Bush administration. Stuxnet targeted Siemens industrial equipment to spin hundreds of centrifuges beyond their breaking points and eventually disable Iran's nuclear efforts.

According to the report, Obama decided to speed up the attacks, even after the worm escaped from Iran's Natanz plant in 2010 and later ended up on the Internet.

During a meeting following the worm's escape, Obama even considered that the worm should be stopped thinking that America's most ambitious attempt to slow the progress of Iran's nuclear efforts had been fatally compromised.

Should we shut this thing down? Obama asked members of the President's national security team.

However, he finally decided to go ahead with the cyberattacks. What followed thereafter was the Natanz plant being hit by several newer versions of the worm.

The report is said to be based on 18 months of interviews with current and former American, European and Israeli officials involved in the program as well as with outside experts, who provided contradictory assessments of how successful the attack was in slowing down Iran's progress of developing nuclear weapons.

While internal Obama administration estimates claim the effort was delayed by 18 months to two years, some other experts, both inside and outside the government, said that Iran's enrichment levels had steadily recovered. A year later, Iran enriched uranium to the 20-percent grade, way beyond the 5-percent purity level that was done in Natanz in 2012.